package com.suredy.base.service;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.apache.commons.lang3.StringUtils;
import org.hibernate.criterion.DetachedCriteria;
import org.hibernate.criterion.Restrictions;
import org.springframework.stereotype.Service;

import com.suredy.base.model.Permission;
import com.suredy.base.model.User;
import com.suredy.base.model.User2Role;
import com.suredy.core.service.BaseSrvWithEntity;

@Service("UserSrv")
public class UserSrv extends BaseSrvWithEntity<User> {

	@Override
	public DetachedCriteria getDc(User t) {
		DetachedCriteria dc = super.getDc(t);
		if (t == null) {
			return dc;
		}
		if (!StringUtils.isBlank(t.getUserCode())) {
			dc.add(Restrictions.eq("userCode", t.getUserCode()));
		}
		if (!StringUtils.isBlank(t.getPwd())) {
			dc.add(Restrictions.eq("pwd", t.getPwd()));
		}

		return dc;
	}
	
	public User getById(String userId) {
		return this.get(userId);
	}
	
	public List<User> getAll() {
		return this.readByEntity(null);
	}

	public User getUser(String userCode, String pwd) {
		User search = new User();
		search.setUserCode(userCode);
		search.setPwd(pwd);

		User user = this.readSingleByEntity(search);

		return user;
	}
	
	public User getUser(String userCode) {
		User search = new User();
		search.setUserCode(userCode);
		User ret = this.readSingleByEntity(search);
		return ret;
	}
	
	public Set<String> getRoles(String userCode) {
		String sql = "SELECT ID, ROLEID, USERID FROM T_SECURITY_USER2ROLE WHERE USERID=?";
		List<User2Role> result = super.readBySQL(sql, User2Role.class, userCode);
		Set<String> ret = new HashSet<String>();
		for (User2Role m : result) {
			ret.add(m.getRoleId());
		}
		return ret;
	}
	
	public Set<String> getPermissions(String userCode){
		Set<String> permissions = new HashSet<String>();
		permissions.addAll(getRolePermissions(userCode));
		permissions.addAll(getUserPermissions(userCode));
		return permissions;
	}
	
	public Set<String> getRolePermissions(String userCode) {
		final String sql = "SELECT p.ID, p.ACTION, p.RESOURCEID, p.RESOURCEURI " +
				"FROM V_E_USER u LEFT JOIN T_SECURITY_USER2ROLE ur ON (u.ID=ur.USERID) " +
				"LEFT JOIN V_E_QZ r ON (ur.ROLEID=r.ID) "+
				"JOIN T_SECURITY_ROLE2PERMISSION rp ON (r.ID=rp.ROLEID) " +
				"JOIN T_SECURITY_PERMISSION p ON (rp.PERMISSIONID=p.ID) " +
				"WHERE u.userCode=?";
//		String sql = "SELECT p.ID, p.ACTION, p.RESOURCEID, p.RESOURCEURL " +
//	    "FROM V_E_USER u, V_E_QZ r, T_SECURITY_PERMISSION p, T_SECURITY_USER2ROLE ur, T_SECURITY_ROLE2PERMISSION rp "+
//		"WHERE u.userCode=? AND u.ID=ur.USERID AND r.ID=ur.ROLEID AND r.ID=rp.ROLEID AND p.ID=rp.PERMISSIONID";
		List<Permission> result = super.readBySQL(sql, Permission.class, userCode);
		Set<String> ret = new HashSet<String>();
		for (Permission p : result) {
			ret.add(p.getResource().getId());
		}
		return ret;
	}
	
	public Set<String> getUserPermissions(String userCode) {
		final String sql = "SELECT p.ID, p.ACTION, p.RESOURCEID, p.RESOURCEURI  "+
				"FROM V_E_USER u LEFT JOIN T_SECURITY_USER2PERMISSION up ON (u.ID=up.USERID) "+ 
				"JOIN T_SECURITY_PERMISSION p ON (up.PERMISSIONID=p.ID) "+ 
				"WHERE u.userCode=?";
		List<Permission> result = super.readBySQL(sql, Permission.class, userCode);
		Set<String> ret = new HashSet<String>();
		for (Permission p : result) {
			ret.add(p.getResource().getId());
		}
		return ret;
	}

}
